互联网

麻省理工发“币”,性能完爆比特币、以太坊,新节点加入减少99%数据量!

2019/1/25 9:50:00

小辣椒说:本文来源麻省理工学院新闻网站,发布时间为2019年1月23日,由小辣椒区块链翻译。英文水平有限,恐翻译过程或有疏漏、错误,小辣椒把英文原文放在翻译后面,供大家参考学习。

像比特币这类加密货币是建立在区块链上的网络。在这个网络上,金融交易的账本数据格式化在一系列的区块里。这些网络是分布式的,没有银行或组织管理账户余额资金,由用户联合起来存储和验证交易信息。

但是,分布式会导致网络可扩展性不足的问题。新的用户节点在加入时,需要下载存储此前成千上万个区块数据。新用户加入后还要继续存储新的区块数据,并且帮助验证交易。这使得过交易过程缓慢,或者从计算角度来说有些不切实际。

一篇将在下个月网络和分布式系统安全研讨会展示的论文中,麻省理工的研究人员会介绍一个叫金库(Vault)的加密货币,能够让用户在加入网络时下载仅占总交易数据的一小部分数据。

它还集成了删除占用空间的空账本技术,并允许核查只使用被划分和共享在网络上,尽量减少个人用户的数据存储和处理要求的最新交易数据。

在实验中,与比特币相比,Vault将加入其网络的带宽减少了99%,与以太网相比减少了90%。重要的是,Vault仍然确保所有节点都验证所有事务,提供与现有节点相同的严格安全性。

“目前有很多加密货币在新用户加入和存储方面遇到了瓶颈。我们这里的主要目标时给越来越多的用户提供好的扩展性,”作为的参与者,计算机科学与人工智能实验室(CSAIL)的研究生莱昂说道。

CSAIL的研究人员Yossi Gilad和Nickolai Zeldovich也参与了这项研究。NickolaiZeldovich也是电子工程与计算机科学系(EECS)的教授;还有最近的校友Adam Suhl ' 18。

跨过区块

加密货币网络中的每个块都包含一个时间戳、它在区块链中的位置以及固定长度的数字和字母字符串(称为“散列”),这基本上是块的标识。每个新块都包含区块链中前一个块的散列。Vault中的块还包含多达10,000个事务——或10兆字节的数据——这些事务都必须由用户进行验证。区块链的结构,特别是哈希链,确保了对手在不被发现的情况下无法攻击块。

新用户通过下载所有过去的交易数据来加入加密货币网络,或“引导”,以确保它们是安全的和最新的。例如,要在去年加入比特币,用户需要下载50万个区块,总计约为150g。用户还必须存储所有帐户余额,以帮助验证新用户并确保用户有足够的资金完成交易。随着比特币的账户数量超过2200万个,存储要求也越来越高。

研究人员在一种名为Algorand的新型加密货币网络的基础上构建了他们的系统。这种网络由麻省理工学院的福特工程教授SilvioMicali发明。

对于传统的加密货币,用户竞相解验证块的方程,第一个解得到资金的方程。随着网络的扩展,这会减慢事务处理时间。Algorand使用“利害关系证明”概念来更有效地验证块并更好地支持新用户加入。对于每一个区块,都会选出一个具有代表性的核查“委员会”。在网络中拥有更多资金或股份的用户被选中的可能性更高。要加入网络,用户需要验证每个证书,而不是每个事务。

但是每个块都包含一些关键信息,以便在它之前立即验证证书,这意味着新用户必须从链中的第一个块及其证书开始,然后依次验证每个块,这可能很耗时。为了加快速度,研究人员基于几百块或1000块后面的一个块(称为“面包屑”)给每个新的证书验证信息。当一个新用户加入时,他们会将一个早期块的面包屑匹配到前面1000个块的面包屑。这个面包屑可以与前面1000个块的另一个面包屑匹配,等等。

莱昂说:“论文标题是一个双关语。”“金库是一个你可以储存钱的地方,但区块链也让你在加入一个网络时‘金库’跨越街区。”当我引导时,我只需要一个来自过去的块来验证未来的块方法。我可以跳过中间的所有块,这为我们节省了很多带宽。

分而丢弃

为了减少数据存储需求,研究人员设计了一种新的“分片”方案。该技术将事务数据分成更小的部分(或碎片),在整个网络中共享,因此单个用户只需处理少量数据来验证事务。

为了以一种安全的方式实现共享,Vault使用了一种众所周知的数据结构,称为二进制Merkle树。在二叉树中,单个顶部节点分支为两个“子”节点,而这两个节点又各自分解为两个子节点,以此类推。

在Merkle树中,顶部节点包含一个哈希,称为根哈希。但是树是由底部向上构造的。树将底部的每一对子散列组合起来,形成它们的父散列。它在树中重复这个过程,从每对子节点中分配一个父节点,直到将所有内容组合到根哈希中。在加密货币中,顶部节点包含单个块的散列。每个底部节点包含一个散列,表示块中一个事务涉及的一个帐户的余额信息。balance散列和block散列绑定在一起。

为了验证任何一个事务,网络组合两个子节点以获得父节点散列。它在树上重复这个过程。如果最终的组合散列与块的根散列匹配,则可以验证事务。但是对于传统加密货币,用户必须存储整个树结构。

通过Vault,研究人员将Merkle树分成不同的碎片,分配给不同的用户组。每个用户帐户只在其分配的分片中存储帐户的余额,以及根散列。诀窍是让所有用户存储一层节点,该节点横切整个Merkle树。当用户需要从碎片外部验证事务时,他们会跟踪到该公共层的路径。从这个公共层,他们可以确定分片之外的帐户余额,并正常地继续验证。

莱昂说:“网络的每个碎片负责存储大数据结构的一小部分,但这一小部分允许用户验证来自网络所有其他部分的交易。”

此外,研究人员还设计了一种新的方案,可以识别和丢弃用户指定的在一定时间内没有余额的碎片帐户。其他加密货币保留所有空帐户,这增加了数据存储需求,但没有真正的用途,因为它们不需要验证。当用户在Vault中存储帐户数据时,他们会忽略那些旧的、空的帐户。

英文原文

title:A faster, more efficient cryptocurrency

abstract:Design reduces by 99 percent the data users need to join thenetwork and verify transactions.

MIT researchers have developed a new cryptocurrency that drasticallyreduces the data users need to join the network and verify transactions — by upto 99 percent compared to today’s popular cryptocurrencies. This means a muchmore scalable network.

Cryptocurrencies, such as the popular Bitcoin, are networks built on theblockchain, a financial ledger formatted in a sequence of individual blocks,each containing transaction data. These networks are decentralized, meaningthere are no banks or organizations to manage funds and balances, so users joinforces to store and verify the transactions.

But decentralization leads to a scalability problem. To join acryptocurrency, new users must download and store all transaction data fromhundreds of thousands of individual blocks. They must also store these data touse the service and help verify transactions. This makes the process slow orcomputationally impractical for some.

In a paper being presented at the Network and Distributed System SecuritySymposium next month, the MIT researchers introduce Vault, a cryptocurrency thatlets users join the network by downloading only a fraction of the totaltransaction data.

It also incorporates techniques that delete empty accounts that take upspace, and enables verifications using only the most recent transaction datathat are divided and shared across the network, minimizing an individual user’sdata storage and processing requirements.

In experiments, Vault reduced the bandwidth for joining its network by 99percent compared to Bitcoin and 90 percent compared to Ethereum, which isconsidered one of today’s most efficient cryptocurrencies. Importantly, Vaultstill ensures that all nodes validate all transactions, providing tight securityequal to its existing counterparts.

“Currently there are a lot of cryptocurrencies, but they’re hittingbottlenecks related to joining the system as a new user and to storage. Thebroad goal here is to enable cryptocurrencies to scale well for more and moreusers,” says co-author Derek Leung, a graduate student in the Computer Scienceand Artificial Intelligence Laboratory (CSAIL).

Joining Leung on the paper are CSAIL researchers Yossi Gilad and NickolaiZeldovich, who is also a professor in the Department of Electrical Engineeringand Computer Science (EECS); and recent alumnus Adam Suhl ’18.

Vaulting over blocks

Each block in a cryptocurrency network contains a timestamp, its locationin the blockchain, and fixed-length string of numbers and letters, called a“hash,” that’s basically the block’s identification. Each new block contains thehash of the previous block in the blockchain.

Blocks in Vault also contain up to 10,000 transactions — or 10 megabytes ofdata — that must all be verified by users. The structure of the blockchain and,in particular, the chain of hashes, ensures that an adversary cannot hack theblocks without detection.

New users join cryptocurrency networks, or “bootstrap,” by downloading allpast transaction data to ensure they’re secure and up to date. To join Bitcoinlast year, for instance, a user would download 500,000 blocks totaling about 150gigabytes.

Users must also store all account balances to help verify new users andensure users have enough funds to complete transactions. Storage requirementsare becoming substantial, as Bitcoin expands beyond 22 million accounts.

The researchers built their system on top of a new cryptocurrency networkcalled Algorand — invented by Silvio Micali, the Ford Professor of Engineeringat MIT — that’s secure, decentralized, and more scalable than othercryptocurrencies.

With traditional cryptocurrencies, users compete to solve equations thatvalidate blocks, with the first to solve the equations receiving funds.

As the network scales, this slows down transaction processing times.Algorand uses a “proof-of-stake” concept to more efficiently verify blocks andbetter enable new users join.

For every block, a representative verification “committee” is selected.Users with more money — or stake — in the network have higher probability ofbeing selected. To join the network, users verify each certificate, not everytransaction.

But each block holds some key information to validate the certificateimmediately ahead of it, meaning new users must start with the first block inthe chain, along with its certificate, and sequentially validate each one inorder, which can be time-consuming.

To speed things up, the researchers give each new certificate verificationinformation based on a block a few hundred or 1,000 blocks behind it — called a“breadcrumb.” When a new user joins, they match the breadcrumb of an early blockto a breadcrumb 1,000 blocks ahead. That breadcrumb can be matched to anotherbreadcrumb 1,000 blocks ahead, and so on.

“The paper title is a pun,” Leung says. “A vault is a place where you canstore money, but the blockchain also lets you ‘vault’ over blocks when joining anetwork. When I’m bootstrapping, I only need a block from way in the past toverify a block way in the future. I can skip over all blocks in between, whichsaves us a lot of bandwidth.”

Divide and discard

To reduce data storage requirements, the researchers designed Vault with anovel “sharding” scheme. The technique divides transaction data into smallerportions — or shards — that it shares across the network, so individual usersonly have to process small amounts of data to verify transactions.

To implement sharing in a secure way, Vault uses a well-known datastructure called a binary Merkle tree. In binary trees, a single top nodebranches off into two “children” nodes, and those two nodes each break into twochildren nodes, and so on.

In Merkle trees, the top node contains a single hash, called a root hash.But the tree is constructed from the bottom, up.

The tree combines each pair of children hashes along the bottom to formtheir parent hash. It repeats that process up the tree, assigning a parent nodefrom each pair of children nodes, until it combines everything into the roothash.

In cryptocurrencies, the top node contains a hash of a single block. Eachbottom node contains a hash that signifies the balance information about oneaccount involved in one transaction in the block. The balance hash and blockhash are tied together.

To verify any one transaction, the network combines the two children nodesto get the parent node hash. It repeats that process working up the tree.

If the final combined hash matches the root hash of the block, thetransaction can be verified. But with traditional cryptocurrencies, users muststore the entire tree structure.

With Vault, the researchers divide the Merkle tree into separate shardsassigned to separate groups of users.

Each user account only ever stores the balances of the accounts in itsassigned shard, as well as root hashes. The trick is having all users store onelayer of nodes that cuts across the entire Merkle tree. When a user needs toverify a transaction from outside of their shard, they trace a path to thatcommon layer.

From that common layer, they can determine the balance of the accountoutside their shard, and continue validation normally.

“Each shard of the network is responsible for storing a smaller slice of abig data structure, but this small slice allows users to verify transactionsfrom all other parts of network,” Leung says.

Additionally, the researchers designed a novel scheme that recognizes anddiscards from a user’s assigned shard accounts that have had zero balances for acertain length of time.

Other cryptocurrencies keep all empty accounts, which increase data storagerequirements while serving no real purpose, as they don’t need verification.When users store account data in Vault, they ignore those old, emptyaccounts.

——END——

注:原文作者Rob Matheson,翻译小辣椒&有道,来源MITNEWS。链接:

http://news.mit.edu/2019/vault-faster-more-efficient-cryptocurrency-0124

如果大家对研究成果有疑问,可以邮件联系麻省理工学院新闻办公室负责人Abby。

原创转载声明:本文来源小辣椒区块链,禁止未经授权和许可的转载、引用及洗稿行为。

版权声明
本文仅代表作者观点,不代表艾瑞立场。本文系作者授权艾瑞专栏发表,未经许可,不得转载。
  • 合作伙伴

  • 官方微信
    官方微信

    新浪微博
    邮件订阅
    第一时间获取最新行业数据、研究成果、产业报告、活动峰会等信息。
     关于艾瑞| 业务体系| 加入艾瑞| 服务声明| 信息反馈| 联系我们| 合作伙伴| 友情链接

Copyright© 沪公网安备 31010402000581号沪ICP备15021772号-10

扫一扫,或长按识别二维码

关注艾瑞网官方微信公众号